insert this redirect in your web.xml to handle redirects for axis2 webapp
<error-page>
<error-code>303</error-code>
<location>/RobertosAlternateServlet.jsp</location>
</error-page>
NB: once you have created private/public keys with certificate i would strongly
advise you copy those items to a secure folder
and update tomcat or rampart to acquire the keys and certs from that secure
folder
whomever is changing the certs is causing considerable delay to your deployment
timetable
Saludos Cordiales desde EEUU
Martin
______________________________________________
Jogi és Bizalmassági kinyilatkoztatás/Verzicht und
Vertraulichkeitanmerkung/Note de déni et de confidentialité
Ez az üzenet bizalmas. Ha nem ön az akinek szánva volt, akkor kérjük, hogy
jelentse azt nekünk vissza. Semmiféle továbbítása vagy másolatának készítése
nem megengedett. Ez az üzenet csak ismeret cserét szolgál és semmiféle jogi
alkalmazhatósága sincs. Mivel az electronikus üzenetek könnyen
megváltoztathatóak, ezért minket semmi felelöség nem terhelhet ezen üzenet
tartalma miatt.
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger
sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung
oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem
Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung.
Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung
fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le
destinataire prévu, nous te demandons avec bonté que pour satisfaire informez
l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est
interdite. Ce message sert à l'information seulement et n'aura pas n'importe
quel effet légalement obligatoire. Étant donné que les email peuvent facilement
être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité
pour le contenu fourni.
From: [email protected]
To: [email protected]
Subject: axis over https
Date: Wed, 11 May 2011 11:26:34 +0200
Hi everybody,
I need to create a client of a web service which runs under a Tomcat requiring
https protocol; i.e. the url of the service is something like
https://host:port/someService. The Tomcat uses self-signed certificates. I have
found examples on the Internet which say that with Axis 1 that was easy to do
using the org.apache.axis.components.net.SunFakeTrustSocketFactory class.
However, with Axis 2 it seems not that easy.
Looks like there are three options.
1.- Manually download the certificate file and programmatically instruct the
client (the protocol used by the client to be correct) to access the
certificate with code like this
Protocol protocol = new Protocol ("https", new AuthSSLProtocolSocketFactory
(new URL("keystore URL"), "password", new URL("truststore URL"), "password"),
443);
2.- Programatically attempt at http://host:port/someService and, after
receiving a response like "302 Temporarily moved...", programatically download
the certificate and continue like option 1. I have seen the SoapUI tool to
behave like this. I still haven't figured out how to do that but there must be
a way to implement this.
3.- Register an implementation of the
org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory which does
not require a certificate. I know about the
org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactory class,
but this is not part of the standard distribution of the httpclient (Apache
Commons) which comes with Axis2. The code would be sth like this
Protocol.unregisterProtocol("https");
Protocol.registerProtocol("https", new Protocol("https", new
EasySSLProtocolSocketFactory(), 443));
Unfortunatelly option 1 is unworkable for me due to the fact that certificates
are changed at the server frequently. Option 3 is the last resort. Option 2 is
for me the ideal one. Has anybody implemented sth like option 2?
Thanks a lot in advance.
/Roberto.
